To go into what I do at the MSP i work at, its mostly using the RMM tools to try and to everything. As a company, we seem to be lacking in the real power that comes with using a windows server(Like having GPOs that better lock-down security for machines.)
The things I am looking at specifically is:
-One place i can go to see an inventory of all machines
-The ability to have configs persistent on new machines (so the file /etc/whatever.conf gets auto-copied)
-The ability to remove all accounts(keeping root with a long password) except for a login server.
On top of that, I am going to be also setting up a mediawiki from turnkey, as well as my own encrypted text/voice chat with jitsi and zulip. I already have a Workstation server that is just an x2go host, and pfsense for routing. Everything is hosted on xcp-ng.
If you think theres something better I should be doing, please share, as I am doing this to learn, and would love any input.